The purpose of this Sample Question Set is to provide you with information about the CompTIA Security+ exam. These sample questions will familiarize you with both the type and the difficulty level of the questions on the SY0-401 certification test. To get familiar with the real exam environment, we suggest you try our Sample CompTIA Security+ Certification Practice Exam. This sample practice exam simulates the real test and gives you an idea of the questions asked in the actual CompTIA Security+ certification exam.
These sample questions are simple, basic questions that resemble the real CompTIA SY0-401 exam questions. To assess your readiness and performance with real-time scenario-based questions, we suggest you prepare with our Premium CompTIA Security+ Certification Practice Exam. When you work through real-time scenario-based questions in practice, you come across many difficulties that give you an opportunity to improve.
CompTIA SY0-401 Sample Questions:
01. During a recent audit, it was discovered that many servers and desktops were missing security patches. Which of the following BEST describes the assessment that was performed to discover this issue?
a) Network mapping
b) Vulnerability scan
c) Port scan
d) Protocol analysis
02. Which of the following helps to establish an accurate timeline for a network intrusion?
a) Hashing images of compromised systems
b) Reviewing the date of the antivirus definition files
c) Analyzing network traffic and device logs
d) Enforcing DLP controls at the perimeter
03. Which of the following is the BEST reason for placing a password lock on a mobile device?
a) Prevents an unauthorized user from accessing owner’s data
b) Enables remote wipe capabilities
c) Stops an unauthorized user from using the device again
d) Prevents an unauthorized user from making phone calls
04. Which of the following attacks involves the use of previously captured network traffic?
05. Which of the following solutions provides the most flexibility when testing new security controls prior to implementation?
a) Trusted OS
b) Host software baselining
c) OS hardening
06. In order to gain an understanding of the latest attack tools being used in the wild, an administrator puts a Unix server on the network with the “root” user’s password set to “root.” Which of the following BEST describes this technique?
c) Gray box testing
07. Which of the following works by implanting software on systems but delays execution until a specific set of conditions is met?
a) Logic bomb
08. A technician reports a suspicious individual is seen walking around the corporate campus. The individual is holding a smartphone and pointing a small antenna, in order to collect SSIDs. Which of the following attacks is occurring?
a) Rogue AP
b) Evil twin
d) War driving
09. Which of the following internal security controls is aimed at preventing two system administrators from completing the same tasks?
a) Least Privilege
b) Separation of Duties
c) Mandatory Vacation
d) Security Policy
10. Which of the following would be MOST appropriate if an organization’s requirements mandate complete control over the data and applications stored in the cloud?
a) Hybrid cloud
b) Community cloud
c) Private cloud
d) Public cloud
Note: If you find any error in these CompTIA Security+ (SY0-401) certification exam sample questions, please let us know by writing an email to firstname.lastname@example.org.